Your privacy is important to us and this Privacy Statement (“Statement”) provides important information about how Quest Group controls and/or processes personal information. This Statement applies to our website, products or services (collectively, our “Services”). Please read this Statement carefully and contact our Data Protection Officer if you have any questions about our privacy practices or your personal information rights. This Statement is effective from 25th May, 2018.
1. Our identity as a Data Controller and/or Data Processor and contact details;
1.1. Quest Group is the controller of all personal data processing we undertake in relation to the maintenance of contacts with our service providers and business partners. We do not process personal data when viewers access our website.
1.2. Our correspondence address is 52-54 Gracechurch, London EC3V 0EH.
1.3. Quest Group contracts with Data Controllers in order for us (as a Data Processor) to provide them with policy holder and/or claimant services. We operate under the written instructions of our Data Controllers and process personal data in accordance with their Privacy Statements.
1.4. If you wish to enquire about our Data Controllers’ Privacy Statements please contact Quest Group’s Data Protection Officer.
1.5. The remainder of this Statement relates solely to data protection and privacy of personal data processing that Quest Group control.
2. What personal data is processed
2.1. We and our Processors process the following personal data:
2.2. Service Provider and Business Partner personal data: We/our Processors may record name, postal address, email address, business telephone number, mobile telephone number and other personal data we consider to be the minimum personal data necessary to maintain contact with companies and/or individuals that provide a service to us or for which there is a business relationship.
3. The source(s) of the personal data
3.1. Service Provider and Business Partner personal data: We/our Processors may receive personal data from companies and/or individuals that provide a service to us or for which there is a business relationship at the commencement or continuation of the relationship.
4. The purpose(s) of the personal data we process and legality
4.1. We and our Processors process the following types of personal data, based on the stated legality:
4.2. Service Provider and Business Partner personal data: our legality for processing such data is our legitimate interest in maintaining contact with companies and/or individuals that provide a service to us or for which there is a business relationship;
5. Who our processors are and where the processing is performed;
5.1. Quest Group has entered into a service agreement with TigerNet Solutions Limited to provide information technology services for which they process personal data under our control.
5.2. Tigernet process personal data at The Cow Shed, Mill Lane, Scotsgrove, Thame, Oxon OX9 3RP.
6. Personal data security and confidentiality;
6.1. Security and confidentiality of personal data is important to us and our Processors.
6.2. We/our Processors:
6.3. Only use appropriate technologies and procedures to protect the security and confidentiality of personal information;
6.4. Have information technology (‘IT’) policies and procedures aligned with widely accepted international standards and are reviewed regularly and updated as necessary to meet our business needs, changes in technology, and regulatory requirements.
7. The disclosure of personal data to third parties;
7.1. We do not disclose personal data that Quest Group control to third parties.
8. Personal data retention period;
8.1. We/our Processors will process service provider and business partner contact details for as long as the relationship with the provider or partner exists or as we consider appropriate.
9. Individual’s data protection rights;
9.1. If you reside in the European Union, you have the right under the General Data Protection Regulation to request access to and rectification or erasure of your personal data, data portability, restriction of processing of your personal data, the right to object to processing of your personal data, and the right to lodge a complaint with a Supervisory Authority. If you reside outside of the European Union, you may have similar rights under your local laws.
9.2. To request access to or rectification, portability or erasure of your personal data, contact our Data Protection Officer.
10. Our Data Protection Officer contact details;
10.1. James Perkins, Quest Group Data Protection Officer.
10.2. Correspondence address: Quest Group, 52-54 Gracechurch, London EC3V 0EH.
10.3. Email address: email@example.com
11. Data protection Supervisory Authority contact details
11.1. Correspondence address: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.
11.2. Telephone: +44 (0)303 123 1113.